Closed
Bug 396484
Opened 17 years ago
Closed 17 years ago
certutil doesn't truncate existing temporary files when writing them
Categories
(NSS :: Tools, defect, P2)
NSS
Tools
Tracking
(Not tracked)
RESOLVED
FIXED
3.12
People
(Reporter: neil.williams, Assigned: neil.williams)
Details
Attachments
(1 file)
2.10 KB,
patch
|
julien.pierre
:
review+
nelson
:
review+
|
Details | Diff | Splinter Review |
Certutil -C and -S commands create temporary cert or cert request files for storing working versions of the objects. If the files exist when certutil is run and they are longer than the cert (req) created extraneous data remains at the end of the file. When the temp file is read back in--for certs, at least--the file length is checked against the DER encoded length, which fails.
Assignee | ||
Updated•17 years ago
|
Status: NEW → ASSIGNED
Assignee | ||
Comment 1•17 years ago
|
||
Assignee: nobody → neil.williams
Attachment #281406 -
Flags: review?(julien.pierre.boogz)
Comment 2•17 years ago
|
||
Comment on attachment 281406 [details] [diff] [review] add PR_TRUNCATE to temp file create calls r=nelson for the trunk. Leaving second review request for branch.
Attachment #281406 -
Flags: review+
Assignee | ||
Comment 3•17 years ago
|
||
Checking in cmd/certutil/certutil.c; /cvsroot/mozilla/security/nss/cmd/certutil/certutil.c,v <-- certutil.c new revision: 1.121; previous revision: 1.120 done
Updated•17 years ago
|
Attachment #281406 -
Flags: review?(julien.pierre.boogz) → review+
Comment 4•17 years ago
|
||
Fixed on trunk. Fix didn't get into branch in time for 3.11.8.
Priority: -- → P2
Target Milestone: 3.12 → 3.11.9
Comment 5•17 years ago
|
||
Neil fixed this on the trunk. IMO, that's good enough.
Status: ASSIGNED → RESOLVED
Closed: 17 years ago
Resolution: --- → FIXED
Target Milestone: 3.11.9 → 3.12
You need to log in
before you can comment on or make changes to this bug.
Description
•